CVE-2024-43398 | rexml Gem up to 3.3.5 on Ruby API Parser REXML::Document.new xml entity expansion

Inserito da Angelo Barbosa | Ago 22, 2024 | CVE

A vulnerability classified as problematic has been found in rexml Gem up to 3.3.5 on Ruby. This affects the function REXML::Document.new of the component API Parser. The manipulation leads to xml entity expansion.

This vulnerability is uniquely identified as CVE-2024-43398. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-43398 | rexml Gem up to 3.3.5 on Ruby API Parser REXML::Document.new xml entity expansion

Post correlati

CVE-2024-1185 | Nsasoft NBMonitor Network Bandwidth Monitor 1.6.5.0 Registration denial of service

CVE-2023-42894 | Apple macOS up to 12.7.1/13.6.2/14.1 information disclosure (HT214036)

CVE-2023-50838 | Basix NEX-Forms Plugin up to 8.5.5 on WordPress sql injection

CVE-2023-24460 | Intel GPA Software Installer prior 2023.3 default permission (intel-sa-00831)